Principal Engineer - Application Security Engineer

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Toyota's Cybersecurity & Risk Management (CSRM) group objective is to become a global cybersecurity leader in the mobility space - with the talent, scale, and services to enable our mission of securely bringing mobility for all.

We hope you will join us in this time of transformation and be a part of defining the next-generation cybersecurity capabilities for one of the largest global companies in the world. #Cyber

Who we're looking for

Toyota is looking for team members who are passionate about technology and interested in joining a collaborative and highly motivated team as a Application Security Engineer.

• Plan, coordinate, and execute application security assessments to identify vulnerabilities, control gaps, and potential attack vectors in Toyota's information systems.
• Collaborate with application teams and other cybersecurity teams to ensure effective and comprehensive engagements.
• Work closely with the application teams to share insights and knowledge from penetration tests to improve overall security posture.
• Analyze and prioritize findings from application security assessments, making data-driven recommendations to enhance the security of Toyota's systems.
• Produce high-quality reports detailing the results of exercises, including vulnerabilities, risks, and proposed mitigations, and highlighting larger thematic improvement opportunities.
• Provide guidance and support for the implementation of recommended security controls and improvements.
• Stay current with emerging threats, trends, and best practices in the cybersecurity landscape to ensure that Toyota's defenses remain effective and up-to-date.
• Foster a culture of continuous learning and improvement within the cybersecurity team.

• 5+ years of experience in cybersecurity, with a focus on penetration testing activities.
• Strong understanding of security principles, attack methodologies, and vulnerability assessment techniques.
• Experience with common penetration tooling platforms, such as Kali, etc.
• Deep knowledge of common network protocols, operating systems, security tools, and how to exploit / circumvent them.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to effectively convey technical information to both technical and non-technical stakeholders.
• Bachelor's degree in Computer Science or related discipline, or equivalent work experience.

• Experience with application development and implementing or developing mitigating controls in a large environment.
• Exploitation experience with Active Directory / Azure Active Directory, containerization platforms (Docker, Kubernetes, etc.), and major cloud environments (AWS, Azure, GCP, etc.)
• Knowledge of industry-standard frameworks and best practices (e.g., NIST, ISO, OWASP).
• Master's degree in Computer Science or related discipline.
• Relevant certifications (e.g., OSCP, OSCE, CISSP) are highly desirable.

• A work environment built on teamwork, flexibility and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)
• Relocation assistance (if applicable)